Examples with SecurityGroup org.olat.basesecurity.SecurityGroup used on opensource projects

Example 71 with SecurityGroup

use of org.olat.basesecurity.SecurityGroup in project OpenOLAT by OpenOLAT.

the class ImportAuthorOverviewIdentitiesController method loadModel.

private List<Identity> loadModel(String inp) {
    // securityManager.getIdentitiesOfSecurityGroup(securityGroup);
    List<Identity> existIdents = Collections.emptyList();
    List<Identity> okIdentities = new ArrayList<Identity>();
    List<String> isanonymous = new ArrayList<String>();
    List<String> notfounds = new ArrayList<String>();
    List<String> alreadyin = new ArrayList<String>();
    SecurityGroup anonymousSecGroup = securityManager.findSecurityGroupByName(Constants.GROUP_ANONYMOUS);
    String[] lines = inp.split("\r?\n");
    for (int i = 0; i < lines.length; i++) {
        String username = lines[i].trim();
        if (!username.equals("")) {
            // skip empty lines
            Identity ident = securityManager.findIdentityByName(username);
            if (ident == null) {
                // not found, add to not-found-list
                notfounds.add(username);
            } else if (securityManager.isIdentityInSecurityGroup(ident, anonymousSecGroup)) {
                isanonymous.add(username);
            } else {
                // check if already in group
                boolean inGroup = PersistenceHelper.containsPersistable(existIdents, ident);
                if (inGroup) {
                    // added to warning: already in group
                    alreadyin.add(ident.getName());
                } else {
                    // ok to add -> preview (but filter duplicate entries)
                    if (!PersistenceHelper.containsPersistable(okIdentities, ident)) {
                        okIdentities.add(ident);
                    }
                }
            }
        }
    }
    return okIdentities;
}

Example 72 with SecurityGroup

use of org.olat.basesecurity.SecurityGroup in project OpenOLAT by OpenOLAT.

the class InvitationDAO method cleanUpInvitations.

/**
 * Clean up old invitation and set to deleted temporary users
 */
public void cleanUpInvitations() {
    Calendar cal = Calendar.getInstance();
    cal.setTime(new Date());
    Date currentTime = cal.getTime();
    cal.add(Calendar.HOUR, -6);
    Date dateLimit = cal.getTime();
    StringBuilder sb = new StringBuilder(512);
    sb.append("select invitation from ").append(InvitationImpl.class.getName()).append(" as invitation ").append(" inner join invitation.baseGroup baseGroup ").append(// someone can create an invitation but not add it to a policy within millisecond
    " where invitation.creationDate<:dateLimit").append(" and not exists (").append("  select policy.group from structuretogroup as policy ").append("   where policy.group=baseGroup ").append("   and (policy.validFrom is null or policy.validFrom<=:currentDate)").append("   and (policy.validTo is null or policy.validTo>=:currentDate)").append(" )");
    List<Invitation> oldInvitations = dbInstance.getCurrentEntityManager().createQuery(sb.toString(), Invitation.class).setParameter("currentDate", currentTime).setParameter("dateLimit", dateLimit).getResultList();
    if (oldInvitations.isEmpty()) {
        return;
    }
    SecurityGroup olatUserSecGroup = securityManager.findSecurityGroupByName(Constants.GROUP_OLATUSERS);
    for (Invitation invitation : oldInvitations) {
        List<Identity> identities = groupDao.getMembers(invitation.getBaseGroup(), GroupRoles.invitee.name());
        // normally only one identity
        for (Identity identity : identities) {
            if (identity.getStatus().compareTo(Identity.STATUS_VISIBLE_LIMIT) >= 0) {
            // already deleted
            } else if (securityManager.isIdentityInSecurityGroup(identity, olatUserSecGroup)) {
            // out of scope
            } else {
                // delete user
                UserDeletionManager.getInstance().deleteIdentity(identity);
            }
        }
        Invitation invitationRef = dbInstance.getCurrentEntityManager().getReference(InvitationImpl.class, invitation.getKey());
        dbInstance.getCurrentEntityManager().remove(invitationRef);
        dbInstance.commit();
    }
}

Example 73 with SecurityGroup

use of org.olat.basesecurity.SecurityGroup in project OpenOLAT by OpenOLAT.

the class CatalogManager method deleteCatalogEntry.

/**
 * delete a catalog entry and a potentially referenced substructure from db.
 * Be aware of how to use this deletion, as all the referenced substructure is
 * deleted.
 *
 * @param ce
 */
public void deleteCatalogEntry(CatalogEntry ce) {
    final boolean debug = log.isDebug();
    if (debug)
        log.debug("deleteCatalogEntry start... ce=" + ce);
    if (ce.getType() == CatalogEntry.TYPE_LEAF) {
        // reload the detached catalog entry, delete it and then the owner group
        ce = getCatalogEntryByKey(ce.getKey());
        if (ce != null) {
            SecurityGroup owner = ce.getOwnerGroup();
            dbInstance.getCurrentEntityManager().remove(ce);
            if (owner != null) {
                log.debug("deleteCatalogEntry case_1: delete owner-group=" + owner);
                securityManager.deleteSecurityGroup(owner);
            }
        }
    } else {
        List<SecurityGroup> secGroupsToBeDeleted = new ArrayList<SecurityGroup>();
        // FIXME pb: the transaction must also include the deletion of the security
        // groups. Why not using this method as a recursion and seperating the
        // deletion of the ce and the groups by collecting the groups? IMHO there
        // are not less db queries. This way the code is much less clear, e.g. the method
        // deleteCatalogSubtree does not really delete the subtree, it leaves the
        // security groups behind. I would preferre to have one delete method that
        // deletes its children first by calling itself on the children and then deletes
        // itself ant its security group. The nested transaction that occures is actually
        // not a problem, the DB object can handel this.
        deleteCatalogSubtree(ce, secGroupsToBeDeleted);
        // after deleting all entries, delete all secGroups corresponding
        for (Iterator<SecurityGroup> iter = secGroupsToBeDeleted.iterator(); iter.hasNext(); ) {
            SecurityGroup grp = iter.next();
            if (debug)
                log.debug("deleteCatalogEntry case_2: delete groups of deleteCatalogSubtree grp=" + grp);
            securityManager.deleteSecurityGroup(grp);
        }
    }
    if (debug)
        log.debug("deleteCatalogEntry END");
}

Example 74 with SecurityGroup

use of org.olat.basesecurity.SecurityGroup in project OpenOLAT by OpenOLAT.

the class CourseWebService method addAuthors.

@PUT
@Path("authors")
@Consumes({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response addAuthors(UserVO[] authors, @Context HttpServletRequest httpRequest) {
    if (!isAuthorEditor(course, httpRequest) && !isInstitutionalResourceManager(httpRequest)) {
        return Response.serverError().status(Status.UNAUTHORIZED).build();
    }
    BaseSecurity securityManager = BaseSecurityManager.getInstance();
    List<Identity> authorList = loadIdentities(authors);
    Identity identity = getIdentity(httpRequest);
    SecurityGroup authorGroup = securityManager.findSecurityGroupByName(Constants.GROUP_AUTHORS);
    for (Identity author : authorList) {
        boolean hasBeenAuthor = securityManager.isIdentityInSecurityGroup(author, authorGroup);
        if (!hasBeenAuthor) {
            // not an author already, add this identity to the security group "authors"
            securityManager.addIdentityToSecurityGroup(author, authorGroup);
            log.audit("User::" + identity.getName() + " added system role::" + Constants.GROUP_AUTHORS + " to user::" + author.getName() + " via addAuthor method in course REST API", null);
        }
    }
    // add the author as owner of the course
    RepositoryEntry repositoryEntry = course.getCourseEnvironment().getCourseGroupManager().getCourseEntry();
    IdentitiesAddEvent identitiesAddedEvent = new IdentitiesAddEvent(authorList);
    RepositoryManager.getInstance().addOwners(identity, identitiesAddedEvent, repositoryEntry, new MailPackage(false));
    return Response.ok().build();
}

Example 75 with SecurityGroup

use of org.olat.basesecurity.SecurityGroup in project OpenOLAT by OpenOLAT.

the class CatalogWebService method getOwners.

/**
 * Get the owners of the local sub tree
 * @response.representation.200.qname {http://www.example.com}userVO
 * @response.representation.200.mediaType application/xml, application/json
 * @response.representation.200.doc The catalog entry
 * @response.representation.200.example {@link org.olat.user.restapi.Examples#SAMPLE_USERVOes}
 * @response.representation.401.doc Not authorized
 * @response.representation.404.doc The path could not be resolved to a valid catalog entry
 * @param path The path
 * @param httpRquest The HTTP request
 * @return The response
 */
@GET
@Path("{path:.*}/owners")
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public Response getOwners(@PathParam("path") List<PathSegment> path, @Context HttpServletRequest httpRequest) {
    Long key = getCatalogEntryKeyFromPath(path);
    if (key == null) {
        return Response.serverError().status(Status.NOT_ACCEPTABLE).build();
    }
    CatalogEntry ce = catalogManager.loadCatalogEntry(key);
    if (ce == null) {
        return Response.serverError().status(Status.NOT_FOUND).build();
    }
    if (!isAuthor(httpRequest) && !canAdminSubTree(ce, httpRequest)) {
        return Response.serverError().status(Status.UNAUTHORIZED).build();
    }
    SecurityGroup sg = ce.getOwnerGroup();
    if (sg == null) {
        return Response.ok(new UserVO[0]).build();
    }
    List<Identity> ids = BaseSecurityManager.getInstance().getIdentitiesOfSecurityGroup(sg);
    int count = 0;
    UserVO[] voes = new UserVO[ids.size()];
    for (Identity id : ids) {
        voes[count++] = UserVOFactory.get(id);
    }
    return Response.ok(voes).build();
}